﻿<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="CALogin.aspx.cs" Inherits="Microhard.JHSSO.WebUI.CALogin" %>

<%@ Import Namespace="System.Security.Cryptography.X509Certificates" %>
<%@ Import Namespace="CertAppHlpComLib" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<%
    String s_gwurl = "http://ac.ccrb.com/certauthgw/";
    String s_certpath = @"D:\JINHER\CA\sevrcert.cer";
    
    //获取客户端证书
    HttpClientCertificate hCert = Request.ClientCertificate;
    if (hCert == null)
    {
        Response.Write("没有客户端证书");
        return;
    }
    X509Certificate2 cert = new X509Certificate2();
    cert.Import(hCert.Certificate);
    string loginform = Convert.ToBase64String(cert.RawData);

    try
    {
        //提交证书到电子认证服务器进行验证用户证书
        CertAppHlp certAppHlp = new CertAppHlp();
        IAppSevIntf appsev = certAppHlp.CreateAppSevIntf();
        IUASIntf uas = appsev.CreateUASIntf("", s_gwurl, s_certpath);
        LOGINID certid = uas.VerifyCertLoginForm("", loginform, "CERT_UPN");
        //>>从业务系统数据库查该证书UPN对应的用户账户，并给予登录
        string UPN = certid.id;
        Response.Write("登录成功，证书UPN：" + UPN);
    }
    catch (Exception err)
    {
        Response.Write("登录失败:" + err.Message);
    }
%>
